☆22Jul 29, 2021Updated 4 years ago
Alternatives and similar repositories for TokenStealingDriver
Users that are interested in TokenStealingDriver are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- ☆24Aug 4, 2020Updated 5 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Jul 23, 2020Updated 5 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump☆24Jul 6, 2023Updated 2 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- Shellcode antivirus evasion framework☆27Jan 16, 2021Updated 5 years ago
- Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…☆42Sep 3, 2020Updated 5 years ago
- Silent Cleanup UAC Bypass POC☆11Dec 15, 2019Updated 6 years ago
- Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.☆148Dec 13, 2021Updated 4 years ago
- redteam Build platform☆19Nov 13, 2023Updated 2 years ago
- A shellcode function to encrypt a running process image when sleeping.☆339Sep 11, 2021Updated 4 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Nov 24, 2022Updated 3 years ago
- EQGRP: Replicating DarkPulsar, an DLL capable of hooking Security Package Method Tables on the Heap!☆10Oct 11, 2020Updated 5 years ago
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.☆28Dec 16, 2021Updated 4 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆23Apr 7, 2022Updated 3 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- Execute Mimikatz with different technique☆51Nov 8, 2021Updated 4 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- A repository with my code snippets for research/education purposes.☆53Jul 28, 2023Updated 2 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- D/Invoke port of UrbanBishop☆30Dec 13, 2020Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆81Jun 1, 2022Updated 3 years ago
- kernel to user mode APC injector☆45Mar 19, 2022Updated 4 years ago
- ☆99Sep 20, 2021Updated 4 years ago
- ☆15Jul 20, 2022Updated 3 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago
- Core bypass Windows Defender and execute any binary converted to shellcode☆44Oct 12, 2021Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Aug 1, 2021Updated 4 years ago
- C# Based Universal API Unhooker☆409Feb 18, 2022Updated 4 years ago
- NTAPI hook bypass with (semi) legit stack trace☆19May 9, 2023Updated 2 years ago
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Nov 19, 2020Updated 5 years ago
- This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…☆57Nov 4, 2021Updated 4 years ago